Default ACLs for FILE: ccaches on Windows
Jeffrey Altman
jaltman at MIT.EDU
Mon Jul 24 15:04:39 EDT 2006
Henry B. Hotz wrote:
>> krb5_fcc_initialize() has the property that it deletes the existing
>> file
>> with unlink() and then creates a new file for the empty ccache. The
>> unwanted side effect is that any ACLs which have been set on the file
>> are lost.
>
> Are POSIX semantics insufficient? Not all platforms support ACL's.
I'm not suggesting that other platforms support ACLs. I'm suggesting
that on Windows that file ccaches should not be created with the default
ACLs which tend to be much too permissive.
Jeffrey Altman
More information about the krbdev
mailing list